Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Other Cloud Platforms Should Follow Heroku's Example of Transparency

DZone's Guide to

Other Cloud Platforms Should Follow Heroku's Example of Transparency

· Cloud Zone
Free Resource

Download the Essential Cloud Buyer’s Guide to learn important factors to consider before selecting a provider as well as buying criteria to help you make the best decision for your infrastructure needs, brought to you in partnership with Internap.

Last week, Heroku open sourced id.heroku.com, a key part of their authentication infrastructure, under the very permissive MIT license [ Here's the GitHub repo]. 

I commend their transparency and commitment to open source given that most companies don't open source this information.  It shows that they know enough about their security to be absolutely sure what's okay to open source.  Their argument was also bolstered by this statement: 'Heroku would not exist without open source. Other security sensitive open source software we use include "Rails" and "The Linux Kernel".'

Check out the post about this news, because it's actually a large, informative post about how they use OAuth for SSO, which I'm sure will provide inspiration for some of you.  There are plenty of whiteboard diagrams to illustrate as well.

The Cloud Zone is brought to you in partnership with Internap. Read Bare-Metal Cloud 101 to learn about bare-metal cloud and how it has emerged as a way to complement virtualized services.

Topics:

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}